I have a secured servlet that accesses a secured Entity EJB and they work fine in JBoss-2.2.2_Tomcat-3.2.2. Upgrading to JBoss-2.4.3_Tomcat-3.2.3 produces this error, however. Do I have to re-write any of my security for JBoss 2.4? The changelog doesn't seem to indicate that. Thanks.